Lucene search
+L
UbuntucveRecent

71772 matches found

UbuntuCve
UbuntuCve
•added 2026/06/26 8:17 p.m.•3 views

CVE-2026-53299

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airohaqdmainittx If queue entry list allocation fails in airohaqdmainittxqueue routine, airohaqdmacleanuptxqueue will trigger a NULL pointer dereference accessing the queue entry...

5.5CVSS6AI score0.00121EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2026/06/26 8:17 p.m.•3 views

CVE-2026-53309

In the Linux kernel, the following vulnerability has been resolved: ocfs2/dlm: fix off-by-one in dlmmatchregions region comparison The local-vs-remote region comparison loop uses '=' instead of '', causing it to read one entry past the valid range of qrregions. The other loops in the same functio...

9.8CVSS6AI score0.00404EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2026/06/26 8:17 p.m.•3 views

CVE-2026-53314

In the Linux kernel, the following vulnerability has been resolved: padata: Put CPU offline callback in ONLINE section to allow failure syzbot reported the following warning: DEAD callback error for CPU1 WARNING: kernel/cpu.c:1463 at cpudown+0x759/0x1020 kernel/cpu.c:1463, CPU0: syz.0.1960/14614 ...

5.5CVSS6AI score0.00114EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2026/06/26 8:17 p.m.•3 views

CVE-2026-53302

In the Linux kernel, the following vulnerability has been resolved: crypto: eip93 - fix hmac setkey algo selection eip93hmacsetkey allocates a temporary ahash transform for computing HMAC ipad/opad key material. The allocation uses the driver-specific cradrivername e.g. "sha256-eip93" but passes...

5.5CVSS6AI score0.00121EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2026/06/26 8:17 p.m.•3 views

CVE-2026-53318

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: prevent NULL pointer dereference in mt7925txcheckaggr Move the NULL check for 'sta' before dereferencing it to prevent a possible crash...

5.5CVSS6AI score0.00114EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2026/06/26 8:17 p.m.•3 views

CVE-2026-53324

In the Linux kernel, the following vulnerability has been resolved: net: mana: Use pciname for debugfs directory naming Use pcinamepdev for the per-device debugfs directory instead of hardcoded "0" for PFs and pcislotnamepdev-slot for VFs. The previous approach had two issues: 1. pcislotname...

5.5CVSS6AI score0.00115EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2026/06/26 8:17 p.m.•3 views

CVE-2026-53321

In the Linux kernel, the following vulnerability has been resolved: iouring/napi: cap busypollto 10 msec Currently there's no cap on the maximum amount of time that napi is allowed to poll if no events are found, which can lead to kernel complaints on a task being stuck as there's no conditional...

5.5CVSS6AI score0.00112EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2026/06/26 8:17 p.m.•3 views

CVE-2026-53288

In the Linux kernel, the following vulnerability has been resolved: arm64: Reserve an extra page for early kernel mapping The final part of data, end segment may overflow into the next page of initpgend1 which is the gap page before earlyinitstack2: 1 crasharm64v9.0.1 vtop ffffffed00601000 VIRTUA...

5.5CVSS6AI score0.00122EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2026/06/26 8:17 p.m.•3 views

CVE-2026-53305

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ps883x: Fix Oops at unbind When trying to unbind a device in order to bind to it vfio-platform as: echo bc0000.geniqup /sys/bus/platform/devices/bc0000.geniqup/driver/unbind I get the following Oops: 436.478639 Unable...

5.5CVSS6AI score0.00121EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2026/06/26 8:17 p.m.•3 views

CVE-2026-53280

In the Linux kernel, the following vulnerability has been resolved: iommu: Fix NULL group-domain dereference in pcidevresetiommudone Local sashiko review pointed it out that group-domain could be NULL when a default domain fails to allocate during the first probe, which can crash at...

5.5CVSS6AI score0.00107EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2026/06/26 8:17 p.m.•3 views

CVE-2026-53281

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid NULL pointer dereference or refcount corruption Commit 60f030f7418d "iommu/vt-d: Avoid use of NULL after WARNONONCE" fixed a NULL pointer dereference in an unlikely situation partly. If devpasid is not found in...

8.8CVSS6AI score0.00125EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2026/06/26 8:16 p.m.•3 views

CVE-2026-29509

Patool before 4.0.5 contains a path traversal vulnerability in the safeextract function in patoolib/programs/pytarfile.py when running on Python before 3.12, where the iswithindirectory helper uses os.path.commonprefix for character-level string comparison instead of path-level comparison, allowi...

5.4CVSS6.2AI score0.00285EPSS
Exploits0References1
UbuntuCve
UbuntuCve
•added 2026/06/26 6:17 p.m.•2 views

CVE-2026-56876

extract-zip does not validate symlink targets when extracting zip archives. When processing a malicious zip file containing a symlink with a relative path like '../../../../etc/passwd', extract-zip will extract the symlink without validation, allowing it to point outside the extraction directory...

8.6CVSS7AI score0.00346EPSS
Exploits1References4
UbuntuCve
UbuntuCve
•added 2026/06/26 5:16 p.m.•2 views

CVE-2026-57231

Podman is a tool for managing OCI containers and pods. From 1.8.1 until 5.8.4, a container image that contains a environment variable with just a key and no value can trick podman into passing that variable from the host into the container. This is made worse by the fact that using an asterisk wi...

7.5CVSS6.1AI score0.0026EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2026/06/26 5:16 p.m.•3 views

CVE-2026-55686

Podman is a tool for managing OCI containers and pods. From 3.0.0 until 5.7.1, running a malicious container image where the WORKDIR path contains a symlink can create a directory or modify ownership on the host filesystem. Modified ownership is less likely to happen as that requires help from an...

5.3CVSS6.1AI score0.00317EPSS
Exploits1References3
UbuntuCve
UbuntuCve
•added 2026/06/26 5:16 p.m.•3 views

CVE-2026-55677

Echo is a Go web framework. Prior to 4.15.3 and 5.2.0, Echo's router and static file handler disagree on URL path decoding. The router matches routes using the raw encoded path preserving %2F as-is, while StaticDirectoryHandler unescapes %2F to / before resolving filesystem paths. This allows an...

7.5CVSS6.1AI score0.0043EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2026/06/26 5:16 p.m.•3 views

CVE-2026-28385

In Canonical LXD versions 4.12 through 6.9, a Server-Side Request Forgery SSRF vulnerability in the image import functionality allows authenticated users with the cancreateimages entitlement to interact with internal network infrastructure via the /images endpoint. When importing an image from a...

5CVSS6.1AI score0.0017EPSS
Exploits1References3
UbuntuCve
UbuntuCve
•added 2026/06/26 4:16 p.m.•3 views

CVE-2026-9640

A privilege escalation vulnerability exists in LXD from 6.0 before 6.9, 5.21.0 before 5.21.5, and 5.0.0 before 5.0.7 regarding the handling of project-restriction policies during snapshot restoration.. An authenticated project operator in a restricted multi-tenant environment can bypass policy...

7.2CVSS6.1AI score0.00342EPSS
Exploits1References5
UbuntuCve
UbuntuCve
•added 2026/06/26 4:16 p.m.•2 views

CVE-2026-0685

Server side template inject SSTI in the expression evaluation component in Genshi Template Engine version 0.7.9 allows a remote attacker to achieve remote code execution RCE via crafted template expressions...

9.8CVSS6.5AI score0.00726EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2026/06/26 4:16 p.m.•4 views

CVE-2026-12411

Broken Access Control in the devLXDInstancePatchHandler component of Canonical LXD allows an untrusted guest to mount, read, and overwrite another guest's custom storage volume via a crafted device PATCH request over /dev/lxd when security.devlxd.management.volumes is enabled...

9.6CVSS6.1AI score0.00209EPSS
Exploits1References3
UbuntuCve
UbuntuCve
•added 2026/06/26 4:16 p.m.•3 views

CVE-2026-9639

Nil-pointer dereference in CreateCustomVolumeFromBackup in LXD up to version 6.8 and 5.21 on Linux allows an authenticated user with cancreatestoragevolumes permissions to cause a denial of service via a specially crafted custom-volume backup tarball that omits the expiresat snapshot field...

6.5CVSS6.1AI score0.00389EPSS
Exploits1References4
UbuntuCve
UbuntuCve
•added 2026/06/26 2:0 p.m.•3 views

CVE-2026-8286

A vulnerability exists where a new transfer that uses STARTTLS to upgrade the connection might reuse an existing live connection even though the TLS configuration mismatches so it should not...

8.1CVSS6.1AI score0.0052EPSS
Exploits1References3
UbuntuCve
UbuntuCve
•added 2026/06/26 11:16 a.m.•4 views

CVE-2026-57918

libnfs through 6.0.2 before 935b8db has an xid integer underflow in READIOVEC in rpcreadfromsocket in lib/socket.c during a connection to a crafted NFS server, when the expected pdu size exceeds the absolute pdu size from the xid/record-marker...

7.1CVSS6.1AI score0.00195EPSS
Exploits0References1
UbuntuCve
UbuntuCve
•added 2026/06/26 10:16 a.m.•3 views

CVE-2026-6658

A vulnerability in jupyter/nbconvert versions tag. This vulnerability impacts any server using nbconvert to render notebooks as HTML, allowing attackers to execute arbitrary JavaScript in the context of users viewing the HTML export...

5.4CVSS6.4AI score0.00134EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2026/06/26 9:16 a.m.•2 views

CVE-2026-11625

Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced...

7.5CVSS6.1AI score0.00309EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2026/06/26 2:16 a.m.•3 views

CVE-2026-48615

A flaw in Node.js proxy tunnel error handling could expose proxy credentials in ERRPROXYTUNNEL error messages. When proxy credentials are embedded in the proxy URL, they may be exposed through error handling paths and captured by logs, diagnostics, or other error consumers. This vulnerability...

7.5CVSS6.7AI score0.00437EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2026/06/26 2:16 a.m.•3 views

CVE-2026-48935

A flaw in Node.js Permission API can cause a file metadata to be modified even on a path that was set as read-only with e.g. --allow-fs-read. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

3.3CVSS6.7AI score0.00154EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2026/06/26 2:16 a.m.•3 views

CVE-2026-48934

A flaw in Node.js TLS host verification can cause an attacker to bypass certification validation. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

4.3CVSS6.7AI score0.00258EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2026/06/26 2:16 a.m.•3 views

CVE-2026-48619

A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

7.5CVSS6.7AI score0.00656EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2026/06/26 2:16 a.m.•3 views

CVE-2026-48618

A flaw in Node.js TLS hostname handling can cause Node.js unicode dot separator handling can lead to tls wildcard-depth authentication bypass due to resolver and verifier hostname normalization mismat. This can lead to confidentiality impact or bypass of the intended security boundary under...

7.7CVSS7AI score0.02486EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2026/06/26 2:16 a.m.•3 views

CVE-2026-48930

A flaw in Node.js TLS hostname handling can cause Embedded-nul hostnames can lead to silent authority rebinding due to c-string truncation in resolver bindings. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

9.8CVSS6.7AI score0.00405EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2026/06/26 2:16 a.m.•4 views

CVE-2026-48936

A flaw in Node.js Permission API can cause a local server to be started via a Unix domain socket, even without the --allow-net permission. This vulnerability affects one supported release line: Node.js 26...

3.3CVSS6.3AI score0.00154EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2026/06/26 2:16 a.m.•3 views

CVE-2026-48933

A flaw in Node.js WebCrypto implementation can crash the process if the input of subtle.encrypt is a multiple of 2GiB. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

7.5CVSS7AI score0.02806EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2026/06/26 2:16 a.m.•3 views

CVE-2026-48928

A inconsistency in Node.js hostname matching can cause a trust-policy bypass in multi-context mTLS setups. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

5.4CVSS6.7AI score0.00256EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2026/06/26 12:0 a.m.•2 views

CVE-2026-54548

Unknown description...

6.1AI score
Exploits0References2
UbuntuCve
UbuntuCve
•added 2026/06/26 12:0 a.m.•3 views

CVE-2026-55520

Unknown description...

6.1AI score
Exploits0References2
UbuntuCve
UbuntuCve
•added 2026/06/25 11:17 p.m.•3 views

CVE-2026-40082

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have missing sessionregenerateid after login, leading to Session Fixation. sessionregenerateid is NOT called after successful login. The login flow at authlogin.php:203-207 directly sets $SESSIONSESSUSER...

5.4CVSS6.2AI score0.00183EPSS
Exploits1References4
UbuntuCve
UbuntuCve
•added 2026/06/25 11:17 p.m.•2 views

CVE-2026-40941

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass allows which allows self-signed packages. This issue has been fixed in version 1.2.31...

7.1CVSS6.6AI score0.00159EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2026/06/25 11:17 p.m.•3 views

CVE-2026-40084

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal through the Report formatfile Parameter, causing arbitrary file read. This vulnerability occurs in two stages. In the first stage stored injection, lib/htmlreports.php at...

6.5CVSS6.6AI score0.00324EPSS
Exploits1References3
UbuntuCve
UbuntuCve
•added 2026/06/25 11:17 p.m.•4 views

CVE-2026-40083

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have SQL Injection through unsanitized unserialize+implode in managers.php. At line 756 of managers.php, the application assigns $selecteditems by calling...

7.2CVSS7AI score0.00279EPSS
Exploits1References3
UbuntuCve
UbuntuCve
•added 2026/06/25 11:17 p.m.•3 views

CVE-2026-40080

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Open Redirect through a substring check rather than a host check at strcontains$referer, CACTIPATHURL. When the user's loginopts == '1' redirect to referer after login, the function use...

6.1CVSS6.3AI score0.00151EPSS
Exploits1References4
UbuntuCve
UbuntuCve
•added 2026/06/25 10:17 p.m.•3 views

CVE-2026-7511

PKCS7verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signature to be accepted...

7.5CVSS6.1AI score0.00171EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2026/06/25 10:17 p.m.•3 views

CVE-2026-13282

Use after free in Payments in Google Chrome on Android prior to 149.0.7827.201 allowed a local attacker to potentially exploit heap corruption via physical access to the device. Chromium security severity: High...

6.8CVSS6.1AI score0.00115EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2026/06/25 10:17 p.m.•4 views

CVE-2026-6325

Out-of-bounds write in SetSuitesHashSigAlgo when processing an oversized signature algorithms list, allowing a write past the bounds of the destination buffer...

7.5CVSS6.1AI score0.00175EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2026/06/25 10:17 p.m.•3 views

CVE-2026-8720

wcBlake2bHmacFinal and wcBlake2sHmacFinal discard the message when the key length exceeds the block size, producing a MAC that is independent of the input. When the supplied key is longer than the BLAKE2 block size the key-hashing branch reinitialized the running hash state, discarding the...

7.5CVSS6.1AI score0.00111EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2026/06/25 10:17 p.m.•3 views

CVE-2026-55962

TLS 1.3 post-handshake authentication PHA issue where a server could accept a client's Finished message without the client having sent a Certificate and CertificateVerify. The post-handshake-auth exemption that allows an empty/absent peer certificate was only intended for the initial handshake, b...

6.5CVSS6.1AI score0.00143EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2026/06/25 10:17 p.m.•2 views

CVE-2026-6092

When HAVEENCRYPTTHENMAC is configured, the implementation could fall back to MAC-then-Encrypt rather than enforcing Encrypt-then-MAC...

5.3CVSS6.1AI score0.00209EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2026/06/25 10:17 p.m.•2 views

CVE-2026-11703

Missing SNI/ALPN binding on stateful session-ID resumption, which previously skipped the binding check performed for ticket-based resumption. A cached session could be resumed under a different SNI/ALPN than originally negotiated and, where client-authentication policy differs across virtual host...

7.5CVSS6.1AI score0.0021EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2026/06/25 10:17 p.m.•3 views

CVE-2026-6330

The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating par...

6.5CVSS6.2AI score0.0013EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2026/06/25 10:17 p.m.•3 views

CVE-2026-6329

PKCS12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS12 structure using a length taken directly fr...

6.5CVSS6.1AI score0.0016EPSS
Exploits0References4
Total number of security vulnerabilities71772